<?php
session_start();
include('../../includes/config.php');
include('../../includes/functions.php');

// 检查用户是否已登录，且是医生角色
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] != 'doctor') {
    header('Content-Type: application/json');
    echo json_encode([
        'success' => false,
        'message' => '未授权访问'
    ]);
    exit();
}

// 检查是否提供了患者ID
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    header('Content-Type: application/json');
    echo json_encode([
        'success' => false,
        'message' => '缺少有效的患者ID'
    ]);
    exit();
}

$patient_id = intval($_GET['id']);

// 获取患者信息
$stmt = $conn->prepare("
    SELECT p.*, u.username, u.email 
    FROM patients p 
    JOIN users u ON p.user_id = u.id 
    WHERE p.id = ?
");
$stmt->bind_param("i", $patient_id);
$stmt->execute();
$result = $stmt->get_result();

if ($result->num_rows === 0) {
    header('Content-Type: application/json');
    echo json_encode([
        'success' => false,
        'message' => '找不到指定的患者'
    ]);
    exit();
}

$patient = $result->fetch_assoc();
$stmt->close();

// 返回患者信息
header('Content-Type: application/json');
echo json_encode([
    'success' => true,
    'data' => [
        'id' => $patient['id'],
        'name' => $patient['name'],
        'gender' => $patient['gender'],
        'birthday' => $patient['birthday'],
        'id_card' => $patient['id_card'],
        'phone' => $patient['phone'],
        'address' => $patient['address'],
        'medical_history' => $patient['medical_history'],
        'allergy' => $patient['allergy'],
        'username' => $patient['username'],
        'email' => $patient['email']
    ]
]); 